Here's another week of the Liquidmatrix Briefing. Dave figured out that things work better when he has minions. Stay tuned for the regular gang of fools doing the full round-table - we accept our erratic nature.

And if you've got commentary, please sent it to mailbag@liquidmatrix.org for us to check out.

DISCLAIMER: It's not that explicit, but you may want to use headphones if you're at work.

ADDITIONAL DISCLAIMER: In case it is unclear, this is the story of 5 opinionated infosec pros who have sufficient opinions of their own they don't need to speak for anyone except themselves. Ok? Good.

Hi folks, Dave here. I've set up a new short security news briefing format for a weekly update in addition to our main podcast. This is just a test balloon for this week. I plan to get it smoother for next week.

Starting off this week...

News news news...

And if you've got commentary, please sent it to mailbag@liquidmatrix.org for us to check out.

DISCLAIMER: It's not that explicit, but you may want to use headphones if you're at work.

ADDITIONAL DISCLAIMER: In case it is unclear, this is the story of 5 1 opinionated infosec pros who have sufficient opinions of their own they don't need to speak for anyone except themselves. Ok? Good.

If you're interested in helping out with openCERT.ca, drop a line to info@openCERT.ca

Upcoming Appearances: Dave will be attending Security Congress, in Chicago then on a plane to Derbycon, HITB in Malaysia, Deepsec in Austria and Hackfest in Quebec City. James will be speaking at Hackfest in Quebec. James, Ben and Dave will be joined by Mike Rothman for SecTor 2013's return of the (canadian) fail panel. And Wil is going to be a dirty hippy out in the desert at Burning Man, but back and showered in time for BSidesTO and SecTor.

I just recently started listening to the podcast as I'm only now discovering the infosec field, so first off, I'd like to say thank you for making this resource freely available.

Now for my question; I am an incoming college freshman (Computer Science) and am at a sort of crossroads. If I wanted to put myself in the best possible position for a successful career in the infosec field, is the military a viable option? I have the option of joining ROTC in school, and I would have to commit to this if I decided to peruse that path. My long term goal would be to work for an intelligence agency in the federal government.

If I was to leave the military or not pursue federal work, do most private companies hire employees with active duty military experience?

Or would remaining a civilian throughout school present me with more opportunities?

-Shane

Non-Noob Response

The answer is absolutely. Active duty military is a plus when getting hired. I would suggest finding a profession that you like and can enjoy such as intelligence, networking, or information security jobs inside the service. I for one wouldn't be where I am today without the help of being in the military. Gave me the focus, experience, and opportunity to break through in the private sector.

If you're interested in helping out with openCERT.ca, drop a line to info@openCERT.ca

Upcoming Appearances: Dave will be attending Derbycon, in Chicago, Hackfest in Quebec City and AppSecUSA in NY. James will be speaking at Derbycon and Hackfest in Quebec. James, Ben and Dave will be joined by Mike Rothman for SecTor 2013's return of the (canadian) fail panel. And Wil is going to be a dirty hippy out in the desert at Burning Man, but back and showered in time for BSidesTO and SecTor.

The Liquidmatrix Vegas Party- You've asked when and where - that'd be "We don't know yet" and "The week of Blackhat/BSides/DEFCON". You can beg your way onto the list by sending an email to vegas2013party@liquidmatrix.org.

The BSidesLV Ticket Give-away-

Three tickets up for grabs:

best original piece of artwork incorporating a security rock star; bonus points for using a unicorn

best rap song about a major breach

best poem describing a vendor DERP

Judging will be done by The Liquidmatrix Intern. Mocking will be done by us. I'd suggest you start buying a vote early. Email your submission to bsideslv2013@liquidmatrix.org

If you're interested in helping out with openCERT.ca, drop a line to info@openCERT.ca

Upcoming Appearances: James Training (with Rich Mogull) and Matt Speaking at BHUSA. Dave now will be writing for CSO Online and will be attending Black Hat, DEF CON, Secure Asia in Manila and Security Congress 2013 in Chicago and Hackfest in Quebec City. Matt and Wil will be at Blackhat/DEF CON and James, Ben and Dave will be joined by Mike Rothman for SecTor 2013's return of the (canadian) fail panel.

In Closing

Word of the Week -- Cyberlympics - I think it means CTF, but I'm not sure. Check it out here.

Movie Review -- Firewall! Because you know that Harrison Ford can type 120 words per minute.

All I can hear is the voice of Edward R. Rooney saying "Nine Times"... well, that and the 49th parallel (which is 6 parallels north of where 3/5ths of the gang is hanging out). No one reads the notes so I know that I'm just talking to myself here. It's probably bad when you start talking to yourself. Perhaps.

Upcoming this week...

Lots of News

Breaches

SCADA / Cyber, cyber... etc.

finishing it off with DERPs/Mailbag and

There will be a DEEP DIVE

And there are weekly Briefs - no arguing or discussion allowed

And if you've got commentary, please sent it to mailbag@liquidmatrix.org for us to check out.

DISCLAIMER: It's not that explicit, but you may want to use headphones if you're at work.

ADDITIONAL DISCLAIMER: In case it is unclear, this is the story of 5 opinionated infosec pros who have sufficient opinions of their own they don't need to speak for anyone except themselves. Ok? Good.

I'd like to start by saying that I thoroughly enjoy your podcast. It's a great combination of security news, comedy, and tragedy. It's great, keep it up. I'm emailing about your podcast to you rather than posting on the appropriate Facebook page, as I find email to be a preferred method of communication. I hope that's okay.

Now, my question. I'm a young, ambitious Engineer who finds the topic of Network Security to be exciting and interesting. I work in a network security team in a large company and I am always trying to expand my skills and abilities. Simply put, I'm wondering what advice you have for an inspiring individual in this industry. Also, what resources did you rely on when you were starting out. What resources do you find to be the most valuable now?

Specifically I struggle with finding friends, co-workers, or online buddies that share the same career interests and passion. After I spend a day troubleshooting a particular security issue I want to have a group of individuals I can spit ball ideas with. I find myself feeling like I am in a silo. This is particularly odd because I know for a fact that the world is full of brilliant network security minds. I'm thinking of attending one of the upcoming security conferences this year just to make some like minded friends. It's just annoying/expensive because I'd likely have to fly to the US. Any guidance that you could provide would be helpful.

The Liquidmatrix Vegas Party- You've asked when and where - that'd be "We don't know yet" and "The week of Blackhat/BSides/DEFCON". You can beg your way onto the list by sending an email to vegas2013party@liquidmatrix.org.

The BSidesLV Ticket Give-away-

Three tickets up for grabs:

best original piece of artwork incorporating a security rock star; bonus points for using a unicorn

best rap song about a major breach

best poem describing a vendor DERP

Judging will be done by The Liquidmatrix Intern. Mocking will be done by us. I'd suggest you start buying a vote early. Email your submission to bsideslv2013@liquidmatrix.org

If you're interested in helping out with openCERT.ca, drop a line to info@openCERT.ca

Upcoming Appearances: James Training (with Rich Mogull) and Matt Speaking at BHUSA. Dave is attending Black Hat, DEF CON, Secure Asia in Manila and Security Congress 2013 in Chicago. Matt and Wil will be at Blackhat/DEF CON and James, Ben and Dave will be joined by Mike Rothman for SecTor 2013's return of the (canadian) fail panel.

The Liquidmatrix Vegas Party- You've asked when and where - that'd be "We don't know yet" and "The week of Blackhat/BSides/DEFCON". You can beg your way onto the list by sending an email to vegas2013party@liquidmatrix.org.

The BSidesLV Ticket Give-away-

Three tickets up for grabs:

best original piece of artwork incorporating a security rock star; bonus points for using a unicorn

best rap song about a major breach

best poem describing a vendor DERP

Judging will be done by The Liquidmatrix Intern. Mocking will be done by us. I'd suggest you start buying a vote early. Email your submission to bsideslv2013@liquidmatrix.org

If you're interested in helping out with openCERT.ca, drop a line to info@openCERT.ca

Upcoming Appearances: James Training (with Rich Mogull) and Matt Speaking at BHUSA. Dave will be speaking at SC Congress Toronto and attending Black Hat, DEF CON, Secure Asia in Manila and Security Congress 2013. Matt and Wil will be at Blackhat/DEF CON and James, Ben and Dave will be joined by Mike Rothman for SecTor 2013's return of the (canadian) fail panel.

So I was listening to 0x29 and a thought came to me during the part about Moxie and the line that the Saudi recruiter used on him which was the standard refrain of: "You either stand with us, or you stand with the terrorists!" Or "You either stand for surveillance or you stand with the child pornographers."

Can we not just turn that on its head using their own logic and say: "You either stand for privacy and security or you stand with the human rights abusers."

Since the people pushing the big brother agenda only chose to use black and white in their pictures of the world, what happens when the colours are reversed?

The Liquidmatrix Vegas Party- You've asked when and where - that'd be "We don't know yet" and "The week of Blackhat/BSides/DEFCON". You can beg your way onto the list by sending an email to vegas2013party@liquidmatrix.org.

The BSidesLV Ticket Give-away-

Three tickets up for grabs:

best original piece of artwork incorporating a security rock star; bonus points for using a unicorn

best rap song about a major breach

best poem describing a vendor DERP

Judging will be done by The Liquidmatrix Intern. Mocking will be done by us. I'd suggest you start buying a vote early. Email your submission to bsideslv2013@liquidmatrix.org

If you're interested in helping out with openCERT.ca, drop a line to info@openCERT.ca

Upcoming Appearances: James Training (with Rich Mogull) and Matt Speaking at BHUSA. Dave will be speaking at SC Congress Toronto and attending Black Hat, DEF CON, Secure Asia in Manila and Security Congress 2013. Matt and Wil will be at Blackhat/DEF CON and James, Ben and Dave will be joined by Mike Rothman for SecTor 2013's return of the (canadian) fail panel.

So last week had a really annoying failure in the workflow that gets this podcast from a bad Skype conference call to your ears oh precious listener. In this case, it was the failure to apply the noise canceller magic. This means that if you downloaded the podcast from the time that it was posted until I overheard the Liquidmatrix Intern listening to the podcast, you got to hear all of the background noise from each recording. Including Wil's unfortunately loud Bermuda frogs. I can't promise that it won't happen again, mostly because so much of the production workflow is human-based and not automatically awesome like it could be. Sigh. I suppose all of those automation people can't be wrong. Or something.

Upcoming this week...

Lots of News

Breaches

SCADA / Cyber, cyber... etc.

But there are weekly Briefs - no arguing or discussion allowed

And if you've got commentary, please sent it to mailbag@liquidmatrix.org for us to check out.

DISCLAIMER: It's not that explicit, but you may want to use headphones if you're at work.

ADDITIONAL DISCLAIMER: In case it is unclear, this is the story of 5 opinionated infosec pros who have sufficient opinions of their own they don't need to speak for anyone except themselves. Ok? Good.

The Liquidmatrix Vegas Party- You've asked when and where - that'd be "We don't know yet" and "The week of Blackhat/BSides/DEFCON". You can beg your way onto the list by sending an email to vegas2013party@liquidmatrix.org.

The BSidesLV Ticket Give-away-

Three tickets up for grabs:

best original piece of artwork incorporating a security rock star; bonus points for using a unicorn

best rap song about a major breach

best poem describing a vendor DERP

Judging will be done by The Liquidmatrix Intern. Mocking will be done by us. I'd suggest you start buying a vote early. Email your submission to bsideslv2013@liquidmatrix.org

If you're interested in helping out with openCERT.ca, drop a line to info@openCERT.ca

Upcoming Appearances: James Training (with Rich Mogull) at BHUSA. Dave will be at Black Hat, DEF CON, Secure Asia. Matt and Wil will be at Blackhat/DEF CON and James, Ben and Dave will be joined by Mike Rothman for SecTor 2013's return of the (canadian) fail panel.

In Closing

Movie Review Big: All about authentication and authorization when biometrics won't work anymore.